Added patch to fix insecure tempfile handling (see bug #235804). Removed ebuilds for vulnerable versions.

Package-Manager: portage-2.2_rc9/cvs/Linux 2.6.26-SENTINEL-2 i686

5 files changed, 214 insertions, 40 deletions

diff --git a/sci-biology/mafft/ChangeLog b/sci-biology/mafft/ChangeLog
index 9685d6731076..5d3e5a9d044f 100644
--- a/sci-biology/mafft/ChangeLog
+++ b/sci-biology/mafft/ChangeLog
@@ -1,6 +1,14 @@
 # ChangeLog for sci-biology/mafft
-# Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sci-biology/mafft/ChangeLog,v 1.3 2007/10/10 10:23:40 markusle Exp $
+# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/sci-biology/mafft/ChangeLog,v 1.4 2008/09/23 01:32:55 markusle Exp $
+
+*mafft-6.240-r1 (23 Sep 2008)
+
+  23 Sep 2008; Markus Dittrich <markusle@gentoo.org>
+  +files/mafft-6.240-mktemp.patch, -mafft-5.861-r1.ebuild,
+  -mafft-6.240.ebuild, +mafft-6.240-r1.ebuild:
+  Added patch to fix insecure tempfile handling (see bug #235804). 
+  Removed ebuilds for vulnerable versions.
 
   08 Oct 2007; Markus Dittrich <markusle@gentoo.org> mafft-5.861-r1.ebuild, +mafft-6.240.ebuild:
   Fixed wrongs SRC_URI and HOMEPAGE (see bug #195080). Also bumped
diff --git a/sci-biology/mafft/Manifest b/sci-biology/mafft/Manifest
index 9bf4d3cc2d8f..e88d40e3695c 100644
--- a/sci-biology/mafft/Manifest
+++ b/sci-biology/mafft/Manifest
@@ -1,6 +1,5 @@
-DIST mafft-5.861-src.tgz 294337 RMD160 120130662e7353f8f310911a5b52657520ffe5cf SHA1 f140a579ecf81474ff5205a651155050655baa40 SHA256 c76466406797bcf13e07a4d877ba2053d06585116a498775f03252aa9843c5d9
+AUX mafft-6.240-mktemp.patch 6497 RMD160 ffa5d5889315614fd065e72425b1db3e8272f7b2 SHA1 5584719991e7b5c7d014c8cb1b59391f71f24668 SHA256 783f6f5678781dff1fafece92f37688698052fe1e0bfa13850443a0f8cc91533
 DIST mafft-6.240-src.tgz 657197 RMD160 1cb77af7a5a6b9ab818560d9626e746fb7a3b839 SHA1 8fc05350d9dcf8a9f56bdeed20790a4e1f21ceba SHA256 d0183ab1d6a5e0d1132b95cb917fedb3b6dc16c38d3fde35d7140ecdca555e8f
-EBUILD mafft-5.861-r1.ebuild 813 RMD160 4ad40700b9653c26c43504bb13d3873808b9da0a SHA1 67b78cfd426ec592f2d6367ac0c74b1dbb41ad94 SHA256 1ffb35bae39162aceaf014208c40472848e134a7c3f1a9427ce7a7356145f84a
-EBUILD mafft-6.240.ebuild 810 RMD160 a290ee8a6bb6073f7d2b6eb170fd7b4286453422 SHA1 2878dfb65f12fc26c187f898cce2614aaf9b14ab SHA256 9cacd12019070ef67c3ac1309628567ffa0bd2a39c814cd76a9926ed48cfdc19
-MISC ChangeLog 841 RMD160 1cd7ef6efb285fab112f36b858d1e5f9ee948a18 SHA1 944e55a3a894a12a29baa8608058cb1e1bcd6ef3 SHA256 7b4b10bea5ff66160708296440283b92d5e3ddb62075eacfd0731b803c187ac3
+EBUILD mafft-6.240-r1.ebuild 903 RMD160 6027346a38f285594256f7a346a43bd58467e5a7 SHA1 24c5c06098884602141597aaf740663bc1cd05d4 SHA256 3edbc334908f0ae44cdc0b399dea9cf4add782efb9998232cfa77b42b94964cb
+MISC ChangeLog 1143 RMD160 657add25965f8e30f8e01af08b15da46fc4eaa72 SHA1 1f3d34fdde229ab9f034448b0c5828147486fc09 SHA256 a6644d340981cbb1145ea767fdec633391c73945855727752121d4371a84c5ae
 MISC metadata.xml 164 RMD160 2f441200f2672ab5f1efae7cbdb08b284603903c SHA1 61a50baedfd041e663d6c2a41a28b57e22dbb6de SHA256 f0897b09e661dc603041dab249d73253034659189becf1a34cca37a7d51ef72f
diff --git a/sci-biology/mafft/files/mafft-6.240-mktemp.patch b/sci-biology/mafft/files/mafft-6.240-mktemp.patch
new file mode 100644
index 000000000000..1b96c8f47204
--- /dev/null
+++ b/sci-biology/mafft/files/mafft-6.240-mktemp.patch
@@ -0,0 +1,191 @@
+diff -Naur mafft-6.240/src/mafft-homologs.tmpl mafft-6.240.new/src/mafft-homologs.tmpl
+--- mafft-6.240/src/mafft-homologs.tmpl	2006-10-01 20:31:38.000000000 -0400
++++ mafft-6.240.new/src/mafft-homologs.tmpl	2008-09-05 17:14:17.000000000 -0400
+@@ -31,11 +31,22 @@
+ #   -w        entire sequences are subjected to BLAST search 
+ #             (default: well-aligned region only)
+ 
+-
+ require 'getopts'
++require 'tempfile'
++
++# create temporary files
++temp_vf = Tempfile.new("_vf").path
++temp_if = Tempfile.new("_if").path
++temp_pf = Tempfile.new("_pf").path
++temp_af = Tempfile.new("_af").path
++temp_qf = Tempfile.new("_qf").path
++temp_bf = Tempfile.new("_bf").path
++temp_rid = Tempfile.new("_rid").path
++temp_res = Tempfile.new("_res").path
+ 
+-system( mafftpath + " --help > /tmp/_vf#{$$} 2>&1" )
+-pfp = File.open( "/tmp/_vf#{$$}", 'r' )
++
++system( mafftpath + " --help > #{temp_vf} 2>&1" )
++pfp = File.open( "#{temp_vf}", 'r' )
+ while pfp.gets
+ 	break if $_ =~ /MAFFT v/
+ end
+@@ -114,35 +125,38 @@
+ 	mafftopt += " " + $OPT_o + " "
+ end
+ 
+-system "cat " + ARGV.to_s + " > /tmp/_if#{$$}"
++system "cat " + ARGV.to_s + " > #{temp_if}"
+ ar = mafftopt.split(" ")
+ nar = ar.length
+ for i in 0..(nar-1)
+ 	if ar[i] == "--seed" then
+-		system "cat #{ar[i+1]} >> /tmp/_if#{$$}"
++		system "cat #{ar[i+1]} >> #{temp_if}"
+ 	end
+ end
+ 
+ nseq = 0
+-ifp = File.open( "/tmp/_if#{$$}", 'r' )
++ifp = File.open( "#{temp_if}", 'r' )
+ 	while ifp.gets
+ 		nseq += 1 if $_ =~ /^>/
+ 	end
+ ifp.close
+ 
+-STDERR.puts "Performing preliminary alignment .. "
+-if nseq == 1 then
+-	system( "cp /tmp/_if#{$$}"  + " /tmp/_pf#{$$}" )
++if nseq >= 100 then
++	STDERR.puts "The number of input sequences must be <100."
++	exit
++elsif nseq == 1 then
++	system( "cp #{temp_if}"  + " #{temp_pf}" )
+ else
++	STDERR.puts "Performing preliminary alignment .. "
+ 	if entiresearch == 1 then
+-#		system( mafftpath + " --maxiterate 1000 --localpair /tmp/_if#{$$} > /tmp/_pf#{$$}" )
+-		system( mafftpath + " --maxiterate 0 --retree 2 /tmp/_if#{$$} > /tmp/_pf#{$$}" )
++#		system( mafftpath + " --maxiterate 1000 --localpair #{temp_if} > #{temp_pf}" )
++		system( mafftpath + " --maxiterate 0 --retree 2 #{temp_if} > #{temp_pf}" )
+ 	else
+-		system( mafftpath + " --maxiterate 1000 --localpair --core --coreext --corethr #{corethr.to_s} --corewin #{corewin.to_s} /tmp/_if#{$$} > /tmp/_pf#{$$}" )
++		system( mafftpath + " --maxiterate 1000 --localpair --core --coreext --corethr #{corethr.to_s} --corewin #{corewin.to_s} #{temp_if} > #{temp_pf}" )
+ 	end
+ end
+ 
+-pfp = File.open( "/tmp/_pf#{$$}", 'r' )
++pfp = File.open( "#{temp_pf}", 'r' )
+ inname = []
+ inseq = []
+ slen = []
+@@ -155,7 +169,7 @@
+ end
+ pfp.close
+ 
+-pfp = File.open( "/tmp/_if#{$$}", 'r' )
++pfp = File.open( "#{temp_if}", 'r' )
+ orname = []
+ orseq = []
+ nin = 0
+@@ -188,7 +202,7 @@
+ #p act
+ 
+ 
+-afp = File.open( "/tmp/_af#{$$}", 'w' )
++afp = File.open( "#{temp_af}", 'w' )
+ 
+ STDERR.puts "Searching .. \n"
+ ids = []
+@@ -209,10 +223,10 @@
+ 	end
+ 
+ 	if local == 0 then
+-		command = "lynx -source 'http://www.ncbi.nlm.nih.gov/blast/Blast.cgi?QUERY=" + inseq[i] + "&DATABASE=swissprot&HITLIST_SIZE=" + nadd.to_s + "&FILTER=L&EXPECT='" + eval.to_s + "'&FORMAT_TYPE=TEXT&PROGRAM=blastp&SERVICE=plain&NCBI_GI=on&PAGE=Proteins&CMD=Put' > /tmp/_rid#{$$}"
++		command = "lynx -source 'http://www.ncbi.nlm.nih.gov/blast/Blast.cgi?QUERY=" + inseq[i] + "&DATABASE=swissprot&HITLIST_SIZE=" + nadd.to_s + "&FILTER=L&EXPECT='" + eval.to_s + "'&FORMAT_TYPE=TEXT&PROGRAM=blastp&SERVICE=plain&NCBI_GI=on&PAGE=Proteins&CMD=Put' > #{temp_rid}"
+ 		system command
+ 	
+-		ridp = File.open( "/tmp/_rid#{$$}", 'r' )
++		ridp = File.open( "#{temp_rid}", 'r' )
+ 		while ridp.gets
+ 			break if $_ =~ / RID = (.*)/
+ 		end
+@@ -224,9 +238,9 @@
+ 		while 1 
+ 			STDERR.printf "."
+ 			sleep 10
+-			command = "lynx -source 'http://www.ncbi.nlm.nih.gov/blast/Blast.cgi?RID=" + rid + "&DESCRIPTIONS=500&ALIGNMENTS=" + nadd.to_s + "&ALIGNMENT_TYPE=Pairwise&OVERVIEW=no&CMD=Get&FORMAT_TYPE=XML' > /tmp/_res#{$$}"
++			command = "lynx -source 'http://www.ncbi.nlm.nih.gov/blast/Blast.cgi?RID=" + rid + "&DESCRIPTIONS=500&ALIGNMENTS=" + nadd.to_s + "&ALIGNMENT_TYPE=Pairwise&OVERVIEW=no&CMD=Get&FORMAT_TYPE=XML' > #{temp_res}"
+ 			system command
+-			resp = File.open( "/tmp/_res#{$$}", 'r' )
++			resp = File.open( "#{temp_res}", 'r' )
+ #			resp.gets
+ #			if $_ =~ /WAITING/ then
+ #				resp.close
+@@ -247,17 +261,17 @@
+ 	else
+ #		puts "Not supported"
+ #		exit
+-		qfp = File.open( "/tmp/_q#{$$}", 'w' )
++		qfp = File.open( "#{temp_qf}", 'w' )
+ 			qfp.puts "> "
+ 			qfp.puts inseq[i]
+ 		qfp.close
+-		command = blastpath + "  -p blastp  -e #{eval} -b 1000 -m 7 -i /tmp/_q#{$$} -d #{localdb} > /tmp/_res#{$$}"
++		command = blastpath + "  -p blastp  -e #{eval} -b 1000 -m 7 -i #{temp_qf} -d #{localdb} > #{temp_res}"
+ 		system command
+-		resp = File.open( "/tmp/_res#{$$}", 'r' )
++		resp = File.open( "#{temp_res}", 'r' )
+ 	end
+ 	STDERR.puts " Done.\n\n"
+ 
+-	resp = File.open( "/tmp/_res#{$$}", 'r' )
++	resp = File.open( "#{temp_res}", 'r' )
+ 	while 1
+ 		while resp.gets
+ 			break if $_ =~ /<Hit_id>(.*)<\/Hit_id>/ || $_ =~ /(<Iteration_stat>)/
+@@ -310,17 +324,15 @@
+ afp.close
+ 
+ STDERR.puts "Performing alignment .. "
+-system( mafftpath + mafftopt + " /tmp/_af#{$$} > /tmp/_bf#{$$}" )
++system( mafftpath + mafftopt + " #{temp_af} > #{temp_bf}" )
+ STDERR.puts "done."
+ 
+-bfp = File.open( "/tmp/_bf#{$$}", 'r' )
++bfp = File.open( "#{temp_bf}", 'r' )
+ outseq = []
+ outnam = []
+ readfasta( bfp, outnam, outseq )
+ bfp.close
+ 
+-
+-
+ outseq2 = []
+ outnam2 = []
+ 
+@@ -356,5 +368,3 @@
+ 	puts ">" + outnam2[i]
+ 	puts outseq2[i].gsub( /.{1,60}/, "\\0\n" )
+ end
+-
+-system( "rm -rf /tmp/_if#{$$} /tmp/_vf#{$$} /tmp/_af#{$$} /tmp/_bf#{$$} /tmp/_pf#{$$} /tmp/_q#{$$} /tmp/_res#{$$} /tmp/_rid#{$$}" )
+diff -Naur mafft-6.240/src/mafft.tmpl mafft-6.240.new/src/mafft.tmpl
+--- mafft-6.240/src/mafft.tmpl	2007-04-03 19:16:51.000000000 -0400
++++ mafft-6.240.new/src/mafft.tmpl	2008-09-05 17:18:04.000000000 -0400
+@@ -240,11 +240,14 @@
+ 		shift   
+ 	done;
+ 
+-#	TMPFILE=/tmp/`basename $0`.`whoami`.$$.`date +%y%m%d%H%M%S`
+-	TMPFILE=/tmp/$progname.$$
++        # create temporary directory; terminate script in case of failure
++	if ! TMPFILE=`mktemp -dt $progname.XXXXXXXXXX`; then
++          echo "Failed to create temporary directory"
++          exit 1
++        fi
++
+ 	umask 077
+-	mkdir  $TMPFILE  || er=1
+-	trap "rm -r $TMPFILE " 0
++	trap "rm -rf $TMPFILE " 0
+ 	if [ $# -eq 1 ]; then
+ 		if [ -r "$1" -o "$1" = - ]; then
+ 			cat "$1" | tr "\r" "\n" > $TMPFILE/infile 
diff --git a/sci-biology/mafft/mafft-5.861-r1.ebuild b/sci-biology/mafft/mafft-5.861-r1.ebuild
deleted file mode 100644
index fdf6396c96cb..000000000000
--- a/sci-biology/mafft/mafft-5.861-r1.ebuild
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright 1999-2007 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sci-biology/mafft/mafft-5.861-r1.ebuild,v 1.2 2007/10/10 10:23:40 markusle Exp $
-
-inherit toolchain-funcs multilib
-
-DESCRIPTION="Multiple sequence alignments using a variety of algorithms"
-HOMEPAGE="http://align.bmr.kyushu-u.ac.jp/mafft/software/"
-SRC_URI="http://align.bmr.kyushu-u.ac.jp/mafft/software/${P}-src.tgz"
-LICENSE="free-noncomm"
-SLOT="0"
-KEYWORDS="~x86"
-IUSE=""
-RDEPEND=""
-DEPEND="${RDEPEND}"
-
-src_compile() {
-	cd src
-	emake \
-		PREFIX="/usr/$(get_libdir)/${PN}" \
-		CC="$(tc-getCC)" \
-		CFLAG="${CFLAGS}" \
-		|| die "make failed"
-}
-
-src_install() {
-	pushd src
-	emake PREFIX="${D}usr/$(get_libdir)/${PN}" install || die "install failed"
-	popd
-	dodoc readme
-}
diff --git a/sci-biology/mafft/mafft-6.240.ebuild b/sci-biology/mafft/mafft-6.240-r1.ebuild
index ed0f76d02d47..84c9ce1cb3ac 100644
--- a/sci-biology/mafft/mafft-6.240.ebuild
+++ b/sci-biology/mafft/mafft-6.240-r1.ebuild
@@ -1,8 +1,8 @@
-# Copyright 1999-2007 Gentoo Foundation
+# Copyright 1999-2008 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sci-biology/mafft/mafft-6.240.ebuild,v 1.1 2007/10/10 10:23:40 markusle Exp $
+# $Header: /var/cvsroot/gentoo-x86/sci-biology/mafft/mafft-6.240-r1.ebuild,v 1.1 2008/09/23 01:32:55 markusle Exp $
 
-inherit toolchain-funcs multilib
+inherit toolchain-funcs multilib eutils
 
 DESCRIPTION="Multiple sequence alignments using a variety of algorithms"
 HOMEPAGE="http://align.bmr.kyushu-u.ac.jp/mafft/software/"
@@ -14,6 +14,13 @@ IUSE=""
 RDEPEND=""
 DEPEND="${RDEPEND}"
 
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+	epatch "${FILESDIR}"/${P}-mktemp.patch
+}
+
 src_compile() {
 	cd src
 	emake \